package security;

import java.io.IOException;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Map;

import main.Application;

import org.apache.xerces.parsers.DOMParser;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

public class RightsManager 
{
	private Map<String,TableRights  >securities;
	//< nazwa tabeli na ktora nalozono zabezpieczenie, no>
	private Map<String,RightsAttributes > attributes; //<nazwa tabeli ktorej dotyczy zabezpieczenie, atrybuty>
	static private String TAG_SECURITY = "right";
	private String filePath;
	
	
	public RightsManager(String xmlPath)
	{
		this.filePath = xmlPath;
	}
		
	/**
	 * wczyata xmla i popyta bazy o co mu sie zachce
	 * @throws IOException 
	 * @throws SAXException 
	 * @throws SQLException 
	 */
	public void doAll() throws SAXException, IOException, SQLException
	{
		readXml();
		readDataFromDatabase();
	}
	public void readDataFromDatabase() throws SQLException 
	{
		securities = new HashMap<String, TableRights>();
		String currLogin = Application.getInstance().getLogin();
		Object[] keys = attributes.keySet().toArray();
		for(int i=0;i<keys.length;++i)
		{
			String targetTableName = keys[i].toString();
			RightsAttributes secAttrib = attributes.get(targetTableName);
			
			String tableName = secAttrib.getTableName();
			String owner= secAttrib.getOwner();
			String target = secAttrib.getTarget();
			String rightdInfo = secAttrib.getRightsInfo();
			
			String query = "SELECT " + target +","+rightdInfo+ " FROM " + tableName + " WHERE " + owner +" = '" + currLogin +"'";
			//System.out.println(query);
			Connection con = Application.getInstance().getConnection();	
			Statement stmt = con.createStatement();				
			ResultSet result = stmt.executeQuery(query);
			TableRights sec = new TableRights(target);
			while(result.next())
			{
				sec.addSecure(result.getString(target), result.getString(rightdInfo));
			}
			securities.put(targetTableName, sec); 
		}
		
	}
	private void readXml() throws SAXException, IOException 
	{
		attributes = new Hashtable< String,RightsAttributes >();
		DOMParser xmlparser = new DOMParser(); 
		xmlparser.parse(filePath);
		Document doc = xmlparser.getDocument(); 
		NodeList nodes=doc.getElementsByTagName(RightsManager.TAG_SECURITY);
		for(int i=0;i<nodes.getLength();++i)
		{
			Element secElem = (Element)nodes.item(i);
			String tableName = secElem.getAttribute(RightsAttributes.ATTRIB_TABLE_NAME);
			String owner= secElem.getAttribute(RightsAttributes.ATTRIB_OWNER);
			String target= secElem.getAttribute(RightsAttributes.ATTRIB_TARGET);
			String secureTable= secElem.getAttribute(RightsAttributes.ATTRIB_SECURE_TABLE);
			String rightsInfo= secElem.getAttribute(RightsAttributes.ATTRIB_RIGHTS_LVL);
			
			RightsAttributes secAttrib = new RightsAttributes(tableName,owner,target,secureTable,rightsInfo);
			attributes.put(secureTable, secAttrib);
		}
	}	
	/**
	 * zwroci info o uprawnieniach do tabeli
	 * @param tableName
	 * @return
	 */
	public TableRights getTableRights(String tableName)
	{
		return securities.get(tableName);
	}
}
